Michael Baker

Name of the Vulnerable Software and Affected Versions: PAN-OS (affected versions not specified) Description: A server-side request forgery in PAN-OS software enables an attacker to use the administrative web interface as a proxy, allowing them to view internal network resources not otherwise accessible. The attacker may or may not need administrative privileges, as conflicting information is provided. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Palo Alto Networks PAN-OS software (affected versions not specified) **Description** A null pointer dereference issue in the GlobalProtect gateway of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to stop the GlobalProtect service on the firewall by sending a specially crafted packet, causing a denial of service (DoS) condition. Repeated attempts to trigger this condition can result in the firewall entering maintenance mode. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.